Mon, Dec 23, 11:55 AM CST

Renderosity Forums / Community Center



Welcome to the Community Center Forum

Forum Moderators: wheatpenny Forum Coordinators: Anim8dtoon

Community Center F.A.Q (Last Updated: 2024 Dec 20 3:22 am)

Forum news, updates, events, etc. Please sitemail any notices or questions for the staff to the Forum Moderators.



Subject: Has your rosity email been lifted by spammers?


tcombs ( ) posted Sat, 14 July 2007 at 7:49 AM

 Give it some time, and you'll get spam to new render address. Sometimes takes a month or  a few days.  
 The reason I am concerned about my credit card number is because I think someone (maybe a new employee)  at render is selling email address lists.


Natolii ( ) posted Sat, 14 July 2007 at 9:37 AM

Problem is that it looks like the snooper my be attached to the Profile scripts or close to it.

The Credit card info does not get stored in the profile at all.


3Dillusions ( ) posted Sat, 14 July 2007 at 9:39 AM

I doubt staff have access to email address or credit card info.
But you have a right to be concerned we all do that shop online but I have never been ripped of and I have being buying online for 8 Years from various place big and small and not once has my credit card been hacked.

You would have more of a chance of losing money in an Online Bank that any merchants online they fortunalely are more savvy and up to date with webpages than the online banks are.

In my country for instance Australia, they are trying to blame the consumer if you lose money while doing a online transaction instead of beefing their security up..  It stinks and I can assure you they will not get away with it. No law will pass like this while I breath and walk lol.

I say let the techs find the little pest that is lose, Nuke it and strength security, as  putting the balme here there and everywhere is a  distraction. 

I trust the guys that load the software and code to spend the proper time to look for it.
They will notice it as they know exactly which code they  have written for this site.

Unfortunaltey these things happen all the time, its good of us to point it out, but I dont like to point the finger at one person or a group of people, like I have said before these Guys employ hackers to do these kind of  things, they have Billions at their disposal.


Penguinisto ( ) posted Sat, 14 July 2007 at 12:20 PM

Quote - I doubt staff have access to email address or credit card info.

They don't have to, as long as the servers do. The CC info I don't know how they handle - it could be a temp session file, it could be stored. Either way, it could be an inside job, but I doubt it... PHP has enough weaknesses that all it would take is the right exploit and a listener script (or simpler, a set of DB queries) to catch the data. it would take a bit more sophistication to scrounge temp sessions (if you have shell access to a PHP-running web server, take a peek in /tmp (the default temp file location) sometime - busy sites can get packed in a hurry. :) ) > Quote - You would have more of a chance of losing money in an Online Bank that any merchants online they fortunalely are more savvy and up to date with webpages than the online banks are.

Sometimes that's the case, but nowhere near all the time, or even most of the time in my experience. I still keep my money with a bank in Utah (used to live there - in Oregon now) because their web security is just That Damned Good. I haven't had to be there in person since February, and only had to telephone them 3 times (to let them know my new address when I moved twice, and once because my idiot ex-wife had her tax return direct-deposited to my savings account). IMHO, the most secure websites are the high-end established pornography sites. They have no choice but to be secure, becuase they've had to put up with theives and cracking attempts for far, far longer than any bank has. (In fact you'll find the best bank security rigs were prolly built and maintained by former pr0n administrators). > Quote - I say let the techs find the little pest that is lose, Nuke it and strength security, as  putting the balme here there and everywhere is a distraction.

I agree, which is why I was wondering a bit at all this official spouting off about trojans and MCSE's instead of digging through the logs and patch lists. To her credit, at least Stacey was [i]trying[/i] to do something productive (though IMHO I find that the process can often overshadow the solution... the times add up; it needs to be looked into). > Quote - They will notice it as they know exactly which code they have written for this site.

Actually, as a guy who has done the debug thing, and the troubleshooting thing, the time it takes to find out what might be amiss will vary. Scripts* are usually spread around by areas of responsibility - not everybody is going to know every line. Also, familiarity can often be more of a hindrance than a help (peek at, say, a 1500-line script sometime... even if you yourself wrote it, you will tend to subconciously gloss over the bits you think aren't part of the problem, when it could well be lurking there). Also, it could be outsourced - it's easier to take a module or functionality and hire someone to either write it, or customize one they have for inclusion. In terms of work saved by not re-inventing the wheel, it can be a benefit at times. In short - it's going to take a little time. > Quote - Unfortunaltey these things happen all the time, its good of us to point it out, but I dont like to point the finger at one person or a group of people, like I have said before these Guys employ hackers to do these kind of  things, they have Billions at their disposal.

Crackers and Script Kiddies have many achilles' heels - their efforts are omnidirectional, most will simply (and blindly) copy the efforts (and tools) of the few who do know what they're doing, and quite frankly, their biggest salvation is the fact that PHP is almost as full of swiss cheese as Microsoft IIS. *(a silly pet peeve of mine - please don't call it "code"; there's no compiling there. Sorry, but it kinda irks when I see it). /P


Lord_syphex ( ) posted Sat, 14 July 2007 at 10:24 PM · edited Sat, 14 July 2007 at 10:27 PM

Quote - > Quote - Now you have to consider the demographics in involved. I see Massachusetts (myself), Australia, Canada and England. These e-mails have to go through different servers. So if there is a zombie somewhere in the picture, it has to be close to Renderosity.

And the Spam did co-incide with the Newsletter release for me.

Add Oregon... Not sure if I still have my logs, but I can try to reconstruct them if anyone needs 'em. /P

 

You can add Ohio to the list too.

Oh by the way I have two different AV's that I scaned my system with. As well as two different online AV scanners. None of them have found any trojans or anyother malware/spyware etc... on my system. So while it's possible I guess that there could be one out there, that the AV's all miss,  I tend to doubt that a trojan on my system is the problem.


Natolii ( ) posted Sun, 15 July 2007 at 6:26 AM

The problem is that when the problem was originally brought up, the members were told, in essence, it's on their end and not Rendo's.

When I jumped in this around, I had Rendo's MSCE insult my intelligence and my education. I may not have the fancy certifications, but I do have a degree that includes classes in information security. I'm not a total rube that only knows how to turn the machine on.

I was at last year's Siggraph, Stacey should remember me and my fiancee from the After-Conference Get together...

I am not an idiot by any means and I resent being treated as such by someone that should have some degree of computer skills.

That's what has my blood boiling at this point, PMS aside...


3Dillusions ( ) posted Sun, 15 July 2007 at 8:11 AM

*(a silly pet peeve of mine - please don't call it "code"; there's no compiling there. Sorry, but it kinda irks when I see it).

LOL, I promise not the say the C word ever again if you dont say the MS word :)

Check out this great link I found on Email Address Hacks from Online servers.

http://techfinder.vnunet.com/vnunet/search/index/sol_summary/10000001787?pos=2&trkpg=PARTNER_SEARCH_RESULTS_VNUNET&stype=Hacking&n=10000001787&c=VNUNET

Angela


Natolii ( ) posted Sun, 15 July 2007 at 11:13 AM

Testing day 6...

Scam Spam has doubled in the Renderosity Exclusive Box and there has been a noticeable decrease in the original box...


Penguinisto ( ) posted Sun, 15 July 2007 at 11:47 AM

Quote - *(a silly pet peeve of mine - please don't call it "code"; there's no compiling there. Sorry, but it kinda irks when I see it).

LOL, I promise not the say the C word ever again if you dont say the MS word :)

Check out this great link I found on Email Address Hacks from Online servers.

http://techfinder.vnunet.com/vnunet/search/index/sol_summary/10000001787?pos=2&trkpg=PARTNER_SEARCH_RESULTS_VNUNET&stype=Hacking&n=10000001787&c=VNUNET

Angela

D'oh! I'll get my regstriation on when I get home later tonight to get at the paper... from the abstract I can almost guess it, but I wanna read it first. Thx muchly!


Seren ( ) posted Tue, 17 July 2007 at 8:22 AM

Quote - Please, read what I write, not what you want to read.
I said that there are computers infected with trojans generating spam emails with spoofed 'send from' info to amongst others, Renderosity members. And that's a perfectly good explanation of what's going on, why you are receiving spam on and from Rendo accounts.
I didn't say it's your fault or it's your system doing that.  You are on the receiving end and sometimes it looks like you've sent spam to yourselves thanks to the 'spoofing'.
That's all.
To paraphrase you, TrekkieGrrrl: " WHY is it that hard for members to admit that there may be faults in the glorious members' system?"

This is the last I'll say on this subject. "Why write if you choose to read what's not written?"

 

As a Sysop on another news-server I'm appalled by the way you Andy are answering posters genuine concerns about spam!
A moderator should be polite at least.

I'm having exactly the same problems other posters in this thread have with spam to an email which is dedicated to Renerosity.  I do not have trojans etc. That's insulting to people's integrity to suggest it's our fault.  There is a flaw in the system somewhere and I can assure you it's not in mine.  This thread has confirmed what I suspected - that the fault lies with Renderosity.
As someone who addresses questions about computer security I know that the only way spammers could get hold of Renderosity addys is for Renderosity systems to have a flaw which allows addys to be stolen.
The spam started several weeks ago.

I suggest that you cool down Andy and have some discussions with other mods and Admin and address posters' genuine concerns in a civil and adult manner.


Natolii ( ) posted Tue, 17 July 2007 at 2:48 PM

Any word, Stacey?

Or has this issue been pushed aside with the Modifications?


Penguinisto ( ) posted Wed, 18 July 2007 at 12:30 AM

Could be that they assume the prob has been taken care of w/ the site redesign? /P


Natolii ( ) posted Wed, 18 July 2007 at 6:17 AM

If they are that naive... Anyone who has any experience with PHP knows that is unlikely.


bonestructure ( ) posted Wed, 18 July 2007 at 11:43 AM

Spam pffft. Wait till someone phishes your email and uses it to start sending out mortgage spam and you start getting flooded with mail can't be delivered messages. Now THAT'S irritating.

Talent is God's gift to you. Using it is your gift to God.


StaceyG ( ) posted Wed, 18 July 2007 at 1:02 PM

I am continuing to get the needed responses to the questions I asked and compiling those for the programmers. With the site redesign everyone has been pretty tied up with that for awhile.  We are taking this seriously and have been doing research and testing for months now to try and pin down the issue.

What just beats the heck out of me though is, I set up I know 10 different email accounts with different providers and have yet to receive the first spam to any of them..I only put them in my profile here on my test accounts, made sure to get ebots for a few forums, fav artists, fav vendors, newsletter (each one I did a little different so maybe if one of them actually received any spam it would help narrow down the problem) and then just let them sit. I didn't send anything from those accounts and its been over two months and I've yet to see anything unusual..just the ebots that I asked for.  
I do receive spam on my personal accounts that I actually use on a daily basis. But all those, I'm sending mail from, receiving lots of mail, use on different sites, etc..so I expect spam on those but these other 10, nothing???

Anyhoo, hopefully we can get some results soon:)


Natolii ( ) posted Wed, 18 July 2007 at 1:12 PM

Depends on the providers too Stacey.

In my experience there are providers that delete spam on the server level. Verizon and Comcast are known for this.

My provider is www.aplus.net


StaceyG ( ) posted Wed, 18 July 2007 at 1:17 PM

Yeah, my comcast account gets NO spam, ever.    But you would think out of all ten I set up (and a few of the others in the office set up some test ones for their domains or different providers than I did) one at least would have gotten something:(


CrimsonDesire ( ) posted Wed, 18 July 2007 at 3:11 PM

Er... I don't know if this has anything to do with anything, but I thought I'd report it since I've been glancing at this thread and I haven't seen anyone else mention it over the last few days.

Like some of the others I've been recieving for awhile a great many "Spam" type of e-mails of the type described which I delete right away.  It's become such a daily occurance I don't even bat an eye at it.

In the last few days or so I think right about the time the site was redone, I noticed they all seemed to cease, the "You've won... Inherited.. etc" and such things I mean such as were described earlier in the thread.  I did recieve one "Spam" type e-mail today which I deleted, it may be unrelated, but apart from that nothing and the sudden silence is almost creepy.  I was wondering if anyone else has experienced this sudden "silence"?

I also have, if I may, a thought as to why StaceyG and her fellow employs may not be recieveing any "spam" type e-mails on there accounts, more of a question really... Is it possible that assuming  these teams of hackers and such may have cracked Rendo's security measures, is it not also possible they can distinguish certian e-mails and such as belonging to Admin/Mods/Programmers/etc including new ones they set up as a sort of bait as it were for them and as such avoid sending them any of the "Spam" type e-mails others seem to be recieving?  I honestly don't know anything about such matters I just wondered if that might explain the disparity.

Well, if in fact there is a hole in Rendo security I certianly hope the Staff is able to come up with a suitable defense.

Best of luck! ^^


lemur01 ( ) posted Wed, 18 July 2007 at 3:19 PM

I, too, have noticed a suden drop off of 'Nigerian' type spam since the site changed. However, I put it down to the fact that i had also just deleted my history file in... urm... months lol. But if others have experianced this too then maybe there is a link. If so, i hope it gives the admin another avenue to explore.
Jack


Hawkfyr ( ) posted Wed, 18 July 2007 at 6:03 PM · edited Wed, 18 July 2007 at 6:12 PM

Content Advisory! This message contains profanity

Attached Link: Can I draw you a Picture? (Link has "kuss werds)

***"**Now you have to consider the demographics in involved.* I see Massachusetts (myself), Australia, Canada and England. These e-mails have to go through different servers. So if there is a zombie somewhere in the picture, *it has to be close to Renderosity*."**

** **

Oh My Gawd....Some actually gets it.

 

Somebody actually gets what I've been saying for months now.

 

I've even drawn fricken pictures descibing this scenario as to why it's happening.

 

This "IS" what is causing it. 

 

Do you "Receive" EBots from Renderosity?

 

Do you "Receive" newsletters EBots from Renderosity?

 

Then you are subject to get your e-mail address intercepted along the way by someone copying the headers

 

The keywords are "...close to Renderosity."

** **

Could even be why Stacey's test turned up nothing.

(She is too close..and perhaps hers doesn't even make it to said router)

 

I'm just delighted that someone finally,...after all this time... "Gets It"

 

Tom

www.renderosity.com/mod/forumpro/showthread.php

“The fact that no one understands you…Doesn’t make you an artist.”


3Dillusions ( ) posted Wed, 18 July 2007 at 8:58 PM

I forgot to add I have never used my home email address online no way and this is one of the main reasons, I use gmail for all my emails, wether I buy or subscribe to newsletters.

The renderosity one is flooded daily with Nigerina Scams.
The Daz Gmail account is not.

This all started at the last major update ot the server before that there was no emails, and I can assure you all, I dont have malware, spyware nor a virus or a trojan that is pumping out anything.


Lyne ( ) posted Thu, 19 July 2007 at 1:50 AM

I deleted my old yahoo, made a new one, got spammed like crazy, deleted that one, used my PEROSNAL IPS that NEVER gets spam to any of my addresses...and used it's on line web mail (to keep my CLEAN computer safe) and IT got spam up the wazooo... so deleted that and made just one yahoo for ONLY here...and it gets tons and tons of "lotto, you have one, need your help, got money in an account"..and on and on... 

IF the site redesign has helped then I would be glad to set up a whole new yahoo and TRY AGAIN, as it gives me a headache to go through and delete 20 or 30  mails each visit to my yahoo... 

sooo keeping watch here...

Life Requires Assembly and we all know how THAT goes!


Acadia ( ) posted Thu, 19 July 2007 at 2:08 AM

Quote - I set up I know 10 different email accounts with different providers and have yet to receive the first spam to any of them..I only put them in my profile here on my test accounts, made sure to get ebots for a few forums, fav artists, fav vendors, newsletter (each one I did a little different so maybe if one of them actually received any spam it would help narrow down the problem) and then just let them sit. I didn't send anything from those accounts

Maybe part of the problem is the outgoing mail server?  Those of us who are having problems use their email address for more than just getting newsletters and bots from forums.  I know I have used Renderosity's sitemail to send email address to other members if I know they don't check their PMs. Maybe just creating and not using the email address in the profile for anything but receiving bots isn't a problem, and that the problem starts when you actually use the Renderosity server to send emails?

"It is good to see ourselves as others see us. Try as we may, we are never
able to know ourselves fully as we are, especially the evil side of us.
This we can do only if we are not angry with our critics but will take in good
heart whatever they might have to say." - Ghandi



3Dillusions ( ) posted Thu, 19 July 2007 at 3:27 AM

No thats not right,  I dont use the email function on Renderosity I only use the Message thingy and like I said before the spam is coming at about even these days

If I get 12 ebots,  I get 12 Spam messages, so its definately coming from somewhere here, the email address is only for renderosity, not point opening up a new one, it will get spammed too.

We need to find were it is, and close it down, as these guys are serious criminals, this is not your regular, diet pill or fake watches spammers these guys are a multi billion dollar business.

Angela


vince3 ( ) posted Thu, 19 July 2007 at 5:24 AM

waves at Tom!! you still hangin' in there buddy?

the way Tom wrote it above, sounds the right way to write it as to what i had concluded, about this last time it came up,

basically i had likened it to phone tapping, if you were to tap someone's phone you could either pay the operator (server) or tap the receiver's phone (user) both good ways to get caught out, but if you were to tap in on any of the telegraph poles (routers) along the way in between the operator and the receiver, then there is a lot less chance that you would be discovered.

now, i would guess that Rendo' is only able to check for trojans/viruses and the like at their server, and maybe as far as up to the first point at which the cables are re-routed, after that i would guess that they can't find out anything for you, as i wouldn't think they can scan or check any further.

so i think it is very unfair to be aiming all this at Rendo', as i don't see how they can do anything to help.

anyway last time this came up i said i was doing some experiments to try and get rid of the scam spams, that i was getting at that time too, so this is what i did, and i now get none again, i write this incase it works for someone else too, might/might not.

  1. turn off all e-bot notifications, fav artist uploads and forum replies( i still receive newsletter)

  2. when you log out of here, clear your temp, cookie and history files! AND close down Explorer (whatever you use) then do a "disk cleanup" (takes couple of minutes to do) i do this because i noticed that even if you clear your temp folders, the cookies in there are still active, and the way to de-activate them is to "disk clean" and then look in your temp folder (still inside disk clean utility) group select all those folders and delete (these folders don't show up when you just look in your documents and setting temp folder!!), then when you click ok in disk clean, it will empty the recycle bin with them folders in.

  3. don't open these scam emails ever!! as just opening them can relay a message to the sender that you have received it and so notify them that that email is active.

  4. i also selected the option that my provider should delete all my spam (kept newsletter to make sure it didn't eat everything).i think if i were to get anything that didn't go to my email that it would go to outlook express folder, not sure though!! will check in minute if there is anything in there.

i think that is all i did, and eventually it stopped altogether, but i believe that the not opening these scam emails is the most important part, as i would guess that all the ones that are opened send back the message that they have been opened and then the scammers just store all the email addresses that have told them they are active, so next time they just send out to those active addresses.

anyway i don't know if any of that is right or wrong thing to do, but it worked for me, so just sharing info, just hope it works for someone else as it is annoying!!

Vince. (unchecks "Notify me when someone replies" box, then hits "post reply")


Seren ( ) posted Thu, 19 July 2007 at 5:38 AM

Quote - I am continuing to get the needed responses to the questions I asked and compiling those for the programmers. With the site redesign everyone has been pretty tied up with that for awhile.  We are taking this seriously and have been doing research and testing for months now to try and pin down the issue.

What just beats the heck out of me though is, I set up I know 10 different email accounts with different providers and have yet to receive the first spam to any of them..I only put them in my profile here on my test accounts, made sure to get ebots for a few forums, fav artists, fav vendors, newsletter (each one I did a little different so maybe if one of them actually received any spam it would help narrow down the problem) and then just let them sit. I didn't send anything from those accounts and its been over two months and I've yet to see anything unusual..just the ebots that I asked for.  
I do receive spam on my personal accounts that I actually use on a daily basis. But all those, I'm sending mail from, receiving lots of mail, use on different sites, etc..so I expect spam on those but these other 10, nothing???

Anyhoo, hopefully we can get some results soon:)

 

Thanks for your respose Stacey.  And thank you for taking our concerns seriously.  I know this is a tough problem overall.

I've had another thought on this.
Do merchants have access to people's addys?
I know I've received updates notifications by email and notifications of gifts from merchants by email.

If their systems are flawed in some way then it could create a vulnerability for our email addys.
This could account for some receiving spam and some not.


LMDesign ( ) posted Thu, 19 July 2007 at 6:19 AM

I am a merchant and I don't have access to members emails. I can send emails to buyers using a form on their homepage but I can't see their email address. Only if a buyer then answers me by email, could I find out his/hers address from the message source. I personally prefer to use Renderosity's internal messaging system though because this keeps my email private as well.

 

Concerning some people mentioning that there has been less spam since the site update, I have not noticed this. Spam continues to arrive to my dedicated Renderosity address like usual. I have given up changing the address as this has not helped thus far. I am on my 3rd address since April.


Hawkfyr ( ) posted Thu, 19 July 2007 at 7:06 AM · edited Thu, 19 July 2007 at 7:06 AM

"Those of us who are having problems use their email address for more than just getting newsletters and bots from forums."

 

 

Not Gill...She only "Receives" ebots/newsletter,etc., and checks her mail through Mailwasher...but it doesn't matter...an e-mail Left Rosity...addressed to Gill (Had Gill's E-mail address in the header)...and that header was harvested along the way.

 

Likely from a router close to Rosity.

 

Tom

“The fact that no one understands you…Doesn’t make you an artist.”


Natolii ( ) posted Thu, 19 July 2007 at 9:46 AM · edited Thu, 19 July 2007 at 9:47 AM

Still it is a concern, none-the-less... One that Renderosity needs to address, even if it is to track down which Backbone provider is compromised.

And no, I am not noticing any difference in the type and fequency in the spam coming in, through it seems to come in with the E-bots and Newletters. And the E-mail address I am currently using was create specifically to receive Renderosity. I do not send anything from it nor do I receive things from anyone else "legit."

Rather ironic though... One piece of Spam slips through my junk mail filter, yet the Newsletter gets sent to the junk box.


Acadia ( ) posted Thu, 19 July 2007 at 10:14 AM · edited Thu, 19 July 2007 at 10:18 AM

Quote - basically i had likened it to phone tapping, if you were to tap someone's phone you could either pay the operator (server) or tap the receiver's phone (user) both good ways to get caught out, but if you were to tap in on any of the telegraph poles (routers) along the way in between the operator and the receiver, then there is a lot less chance that you would be discovered.

now, i would guess that Rendo' is only able to check for trojans/viruses and the like at their server, and maybe as far as up to the first point at which the cables are re-routed, after that i would guess that they can't find out anything for you, as i wouldn't think they can scan or check any further.

so i think it is very unfair to be aiming all this at Rendo', as i don't see how they can do anything to help.

Then why is it that  email addresses entered at sites such as Daz and Poser Pros aren't getting spam?

I'm serious when I tell you that I asked about the spam problem to Renderosity specific email addresses  and I was told by staff that the problem started when Renderosity did something to their mail servers to increase the amount of mail that they can send.

Prior to January 2007 I was using an old hotmail address that I call my "spam account" and it's the email address that I use to enter at sites that require an email address to join. I get about 2 dozen spam to that email address everyday, but it's also an email address that I only access from the web and not my outlook express. TBH because I was using an email address that I get loads of spam to, I didn't know that some of the spam I was getting was as a result of having my address listed in my profile here.

In January I took a position as a co-ordinator and was given an @renderosity.com email address to use so that when I had to email people I wasn't giving out my own private email address.  That @renderosity.com email was only here, and I only used it for Renderosity business and for no other purpose. I never shared the email address with anyone outside of Renderosity. Emails were sent to members from here as well as from my Outlook Express using POP3 using that @Renderosity.com address.  I think I had that address less than a couple of weeks when I started to get all kinds of "you have won" or "get rich quick" type emails to this brand new, exclusive Renderosity email account.

I think I left staff at the end of April or the end of May and had to give back the @renderosity.com address.  I made a mistake of putting in my private Outlook Express email address from my ISP in my profile area. An address that I've had since 2000 or 2001. It was also an address that I had never used at any website of any kind, ever. I only used it for business purposes and for close friends. It had never received a single spam email, ever.  It was a matter of days after adding that address to my profile here, and only here, that I started to get email spam to this account. The same types of "you have won" and "get rich quick" type spam that I had been getting with the @renderosity.com one.

I changed to a gmail.com account that I have had for years and have never used on a website and that has sat dormant for almost as long as I've had that address which goes back to the days of when Google first introduced their gmail.  Again, no spam to that account of any kind...that is until I put it in my profile here, and only here at Renderosity,  as the email to use to contact me etc.  The gmail account that I have entered here is only used for here and no where else. I have it set up using POP3 so that the emails are delivered to my Outlook Express for more convenience.

I use one emaill address  for Daz and Poser Pros. It  is a hotmail address that goes back to 2003.  I have been using that email address via POP3 to my Outlook Express since the creation of the address,  It has never received a single spam email to it mainly because while I had it linked to POP3, I never used it for anything, but because it was grandfathered for POP3 privilges I kept it active by sending myself an occasional email so it wouldn't be deleted.  Despite having it in my account options at Daz and at Poser Pros, Nerd3D and I think 3D Commune, I still have never received a single spam email to that hotmail address.  The only thing that comes to that address are my purchase confirmations and newsletters which I sign up for.  A hotmail address with not a single spam email to it!

I also have another hotmail address that I have had for a couple of years. The only thing I use that address for is to sign on to MSN messenger  and to access one MSN Group. Again, a hotmail address that is about 2 years old that has never received a single email spam.  However, based on all of the above, I have no doubts that if I were to enter that address here at Renderosity, that I would start to receive spam mailings to it too.

I am not saying it's Renderosity sending me the spam. I am saying that they have a problem with their mail server which has been acknowledged by staff already, which is causing the spam to filter through.    Daz and Poser Pros manages to keep their mail server secure enough that the emails used there are not receiving spam. Why can't Renderosity do the same thing?

"It is good to see ourselves as others see us. Try as we may, we are never
able to know ourselves fully as we are, especially the evil side of us.
This we can do only if we are not angry with our critics but will take in good
heart whatever they might have to say." - Ghandi



Hawkfyr ( ) posted Thu, 19 July 2007 at 12:23 PM · edited Thu, 19 July 2007 at 12:27 PM

Attached Link: Diagram

Hi Natoli,

 

***"***Still it is a concern, none-the-less... One that Renderosity needs to address, even if it is to track down which Backbone provider is compromised.." 

Why should Renderosity go any further than their own servers to resolve a problem that they can not fix?

 

Let me ask you something...when you send or receive e-mail (any e-mail), are you asked which path that email takes to reach it's final destination?

 

I'm not asked that...why should one expect that Rositys' automated reply system is presented with such a question?

 

Once an email is sent (unless it via a VPN or LAN),.... it's out there in the Wild Wild West of Cyber-Space...There is no way Rosity has control over that e-mail/bot, once it has left their server(s).

 

It Matters Naught (He is your King) what e-mail or webmail program you use.

 

Outlook, Outlook Express, Yahoo, GMail...has nothing to do with it.

 

Simply put..

 

 1) An E-Mail left Renderosity to you.

 

 2) Contained in that e-mail header,...was your e-mail address.(otherwise...how would it get to you?)

 

 3) Once it left Rosity's E-mails servers,...it is out of thier control which path that e-     mail/bot takes to get to you.

 

 4) Along that path...is a router.

 

 5) Someone with access to that router, is harvesting e-mail addresses from the e-mail headers.

 

 6) That someone collects all of these (Good) E-mail addresses.

 

 7) That someone compiles a CD of (Good) E-mail addresses.

 

 8) That someone sells that CD to the Spammer.

 

 9) Your E-mail address is on that CD

 

  1. "You've Got Spam"

 

It's really pretty simple...it's not rocket science.

 

 

Hi Acadia,

 

"Then why is it that  email addresses entered at sites such as Daz and Poser Pros aren't getting spam?"

 

sigh

 

Because DAZ's E-mails are taking another path to you...that does not pass through the router(s) that Rosity's does.

 

Please read the post linked.

Click on the picture for a simplified diagram.

 

The fact that you started getting Spam on your (then) "@renderosity.com" account...only supports this scenario.

 

http://www.renderosity.com/mod/forumpro/showthread.php?message_id=2948841&ebot_calc_page#message_2948841

 

Tom 

 

“The fact that no one understands you…Doesn’t make you an artist.”


Khai ( ) posted Thu, 19 July 2007 at 12:26 PM

any chance you could have put that in an even more patronising way Tom? I mean.. you only treated her like a 4 year old there.


Lord_syphex ( ) posted Thu, 19 July 2007 at 12:29 PM · edited Thu, 19 July 2007 at 12:31 PM

Quote - "Those of us who are having problems use their email address for more than just getting newsletters and bots from forums."

 

 

Not mine.  My email adress for this site is only used for this site. Oh and Tom as for your question as to why Rosity should go any further than their own servers?  Because they are who required we give them our email adress to begin with.


Hawkfyr ( ) posted Thu, 19 July 2007 at 12:35 PM

I could try...but I'm not sure I have it in me..but here goes.

 

This question has been beat to death.

 

More than adequate explanations (including pictures) have been provided.

 

Those bent on conspiracy...will continue to ask.(not saying Acadia is bent on conspiracy)

 

Those bent on conspiracy...have not challenged the scenario.

 

 

Yet..The question remains to be asked over and over and over,...despite the explanation.

 

So yeah..it does get frustrating to explain the scenario over and over (like one might have to with a young'n)...especially when a link to that very question...was provided in this very thread.

 

 

How was that?

 

See...I told you I probably didn't have it in me.

8 )

 

Tom

“The fact that no one understands you…Doesn’t make you an artist.”


Hawkfyr ( ) posted Thu, 19 July 2007 at 12:40 PM

Hi Lord_syhex

 

"Not mine.  My email adress for this site is only used for this site. Oh and Tom as for your question as to why Rosity should go any further than their own servers?  Because they are who required we give them our email adress to begin with."

 

 

So then...I should expect my ISP or hosting service, to do the same then...after all...they are among those who are handling the e-mail as well.

 

Maybe Rosity should contact every members ISP, and convince them to make a direct route to every single member.

 

Tom

“The fact that no one understands you…Doesn’t make you an artist.”


gillbrooks ( ) posted Thu, 19 July 2007 at 12:49 PM

Quote -    1) An E-Mail left Renderosity to you.

 

 2) Contained in that e-mail header,...was your e-mail address.(otherwise...how would it get to you?)

 

 3) Once it left Rosity's E-mails servers,...it is out of thier control which path that e-     mail/bot takes to get to you.

 

 4) Along that path...is a router.

 

 5) Someone with access to that router, is harvesting e-mail addresses from the e-mail headers.

 

 6) That someone collects all of these (Good) E-mail addresses.

 

 7) That someone compiles a CD of (Good) E-mail addresses.

 

 8) That someone sells that CD to the Spammer.

 

 9) Your E-mail address is on that CD

 

  1. "You've Got Spam"

 

It's really pretty simple...it's not rocket science

 

Tom 

 

 

My my, they do get their CD's sent out to spammers BLOODY QUICK - last time I changed my email address (3rd or 4th time) I got spam to it within hours.

Get off your high horse and leave this to the people that know what they're talking about please.

Gill

       


Hawkfyr ( ) posted Thu, 19 July 2007 at 12:57 PM

Hi Gill,

Perhaps newly harvested e-mail addresses are forwarded to existing customers of the one harvesting the e-mails as an incentive to continue to 'deal".

 

I'm surprised at your reply Gill,I never saw you as one of those "bent on conspiracy"

I've always treated you with respect regarding this, and even took your method of checking e-mail into consideration when explaining it.

 

Shrugs

 

Oh well...To those who Understand...no explanation is necessary.

 

To those who "Will" not understand...no explanation will suffice.

 

See ya

 

I certainly hope you resolve "Your" Spam Problem(s)

 

Tom

“The fact that no one understands you…Doesn’t make you an artist.”


Hawkfyr ( ) posted Thu, 19 July 2007 at 1:17 PM

New List for Gill

 

 

 1) An E-Mail left Renderosity to you.

 

 2) Contained in that e-mail header,...was your e-mail address.

 

 3) Once it left Rosity's E-mails servers,...it is out of thier control which path that e-mail takes to get to you.

 

 4) Along that path...is a router.

 

 5) Someone with access to that router, is harvesting e-mail addresses from the e-mail headers.

 

 6) That someone collects all of these (Good) E-mail addresses.

 

 7) That someone sells your E-mail address to Spammer

 

 8) "You've Got Spam"

 

Yes...within Hours...in fact...I'm surprised it took them that long to spam you.

 

 

 

Tom 

 

“The fact that no one understands you…Doesn’t make you an artist.”


vince3 ( ) posted Thu, 19 July 2007 at 1:44 PM

if you think back to when this subject was started, i think the title was something like "renderosity has sold our e-mails to scammers" or similar.

now if you look at it from the view of a person that makes money from selling e-mail addresses, you would expect to encounter some that can do it (harvest e-mails), and others than can do it very well, it could be that rendo' has attracted someone that can do it very well, and that in them doing it very well,  means that even if you change your e-mail addy, you still get hit within hours.'cause that is what they do.

i guess the people that do this stuff are a bit like the people/vermin that sit around of an evening inventing viruses that will come and destroy your computer, they are well versed in what they do, and he could easily have an equally well versed e-mail harvesting counter-part.

sounds plausible to me anyway.


boobunny ( ) posted Thu, 19 July 2007 at 1:51 PM · edited Thu, 19 July 2007 at 1:55 PM

I agree, Andy and Renderosity owes an apology.  He was clearly looking down his nose.  And he jumped on the defensive wagon pretty quick.  I think he was rude.  Not good customer service at all.  As a business owner, if he was my employee, there would be disciplinary action taken for that.   * *

I too started getting tons of spam a few months ago.  I had no clue to why.  I didn't do anything any different than before.  I figured it had to do with someone selling or leaking.  But I use my account for Daz, 3DC, RDNA as well as Rendo. 


vince3 ( ) posted Thu, 19 July 2007 at 2:04 PM

not exactly off topic-
 
but i was sitting thinking here today at how amazing it is that I in London, can write something here, click "post reply" and it appear on these boards within a second, and if someone else is in this thread at the same time say from Aussie (other side of world from me), can reply, and i can see there reply in seconds, i can actually have a conversation with someone the other side of the world, and the only delay in the conversation is the amount of time it takes to type the reply.

i had heard that when America and England were connected via the internet that a boat leaves one for the other, and has a dirty great big amount of cable on board that it just drops out the back as it goes along, probally took weeks to get here or there (whichever way it went) but when it did arrive it would of only taken a second to relay the message over the newly laid net connection that it had arrived and all is well, that's quicker than the harbour master could of said "no you can't dock here landlubber!! now b***er off back to sea with you!!"

anyhoo with all that being said it would be equally amazing to think that a "good" e-mail harvester would take more than a couple of minutes to harvest newly opened accounts with Rendo'..............see it linked in eventually.


Natolii ( ) posted Thu, 19 July 2007 at 2:05 PM · edited Thu, 19 July 2007 at 2:06 PM

Hawk, I do resent your tone.

I happen to pay money for this account and I am well within my rights to see this corrected. It took 3 days for spam to hit this new Box, but it cooincided with the release of the Weekly newsletter.

At this point, the evidence is point to a compromise in Rendo's security.

However, I am very tired of trying to get an issue resolved and having a person I don't even know insult my intelligence. This is two people in in one thread.

Small wonder why I dislike these forums.


Ardiva ( ) posted Thu, 19 July 2007 at 2:37 PM

Quote - I deleted my old yahoo, made a new one, got spammed like crazy, deleted that one, used my PEROSNAL IPS that NEVER gets spam to any of my addresses...and used it's on line web mail (to keep my CLEAN computer safe) and IT got spam up the wazooo... so deleted that and made just one yahoo for ONLY here...and it gets tons and tons of "lotto, you have one, need your help, got money in an account"..and on and on... 

IF the site redesign has helped then I would be glad to set up a whole new yahoo and TRY AGAIN, as it gives me a headache to go through and delete 20 or 30  mails each visit to my yahoo... 

sooo keeping watch here...

Lyne, I have a Yahoo email account which is not used here or anywhere else. I get tons of spam from Yahoo as well, so I think that really is a Yahoo thing and not Rendo's.



gillbrooks ( ) posted Thu, 19 July 2007 at 2:44 PM

Quote - Hi Gill,

Perhaps newly harvested e-mail addresses are forwarded to existing customers of the one harvesting the e-mails as an incentive to continue to 'deal".

 

I'm surprised at your reply Gill,I never saw you as one of those "bent on conspiracy"

I've always treated you with respect regarding this, and even took your method of checking e-mail into consideration when explaining it.

 

Shrugs

 

Oh well...To those who Understand...no explanation is necessary.

 

To those who "Will" not understand...no explanation will suffice.

 

See ya

 

I certainly hope you resolve "Your" Spam Problem(s)

 

Tom

 

I'm not 'bent on conspiracy' at all - in fact I mentioned your input on this subject in previous threads, giving part of it some credibility, in my emails to Stacey last week.

What is gnawing at me in all this is your persistent sarcastic manner.  Sorry if I offend but that is how you are coming across each time and it really pisses me off.  

I may be a Gemini, but I'm not 2-faced, I just say it like it is.

Gill

       


Natolii ( ) posted Thu, 19 July 2007 at 3:19 PM

You are not the only one, Gill. Frankly, I am tired of talking civilly to someone that insists on being snide.


prodev ( ) posted Thu, 19 July 2007 at 3:19 PM

vince3, Hello London from New Zealand!

I started this thread...asking if anyone elses mail address might have been "Lifted" as in "nicked or sold" to see if I was the only one who was changing addresses and still seeing spam.

I'm obviously not!

I'm thankful the admins are "Looking into it"

Spam is the "Arse of the internet" in my view. That said.....my world isn't going to collapse!

Shame it always comes down to finger pointing, moaning, bitching, he said/she said blah blah blah.

I just need to know that "everything" than can possibly be done to prove there isn't an issue with the site has been, or is being done.

.....and.... good talking to you... over that "Big Cable"  :rolleyes:


Lyne ( ) posted Thu, 19 July 2007 at 3:26 PM

No it's not "just" yahoo... two clues... I have a friend who uses yahoo for rendo and has never gotten spam BUT she also has never participated in the FORUMS...so now I wonder if it may be a leak to do with forum e bots?

and too, when I switched to my PERSONAL isp just for rendo, I got a ton of spam THERE... 

This might be a good test... for me to build a new yahoo now, and NOT respond in forums - I could just read around but not subscribe...even post and be sure to unsubscribe... 

I would be glad to do this experiment to help ....

Just a thought.

Lyne

Life Requires Assembly and we all know how THAT goes!


StaceyG ( ) posted Thu, 19 July 2007 at 3:47 PM

We are doing tests, compiling responses and researching as I've stated. 

Different people have different views on what could and couldn't be happening. I've seen sarcasm on BOTH sides. We need to be civil and continue the discussion or I guess if that can't happen, we will have to lock this thread.


prodev ( ) posted Thu, 19 July 2007 at 3:58 PM

Thank you Stacey


vince3 ( ) posted Thu, 19 July 2007 at 4:08 PM

G'day Prodev, from London, receiving you loud and clear, roger.

i actually missed the beginning of this particular thread, but this subjectt came up a few months ago in two other threads at that time, one of which at that time was titled something like "rendo has sold our e-mails" that's what i was referring to.

so what time is it in Zealand now? it is 9:51 precisely here in blighty.

and do you live near Deane (RGUS)?

Lyne:

that is what i said in my post earlier that by NOT being notified of replies in the forums and Not being notified of your fav artist uploads, and Not opening these scam spams that i no longer get any spam!

i still get an e-bot notifing me when i get favourited or one of my images gets favourited and i also receive my weekly newsletter, but i get no spam with those,

if you want to follow a thread and are afraid it might get buried on a busy day then you could always add it to a "favourites" folder (bookmark) and follow it like that, that way you wouldn't need an e-bot to link back to it.

if forum e-bot notification is the sole reason for all the spam, then i think that the only thing that Rendo could do to help would be to cut off that service to the members, can't imagine that that would be a finacial loss to Rendo' but maybe the members that aren't receiving spam via forum e-bot notification would object to losing that service.


Privacy Notice

This site uses cookies to deliver the best experience. Our own cookies make user accounts and other features possible. Third-party cookies are used to display relevant ads and to analyze how Renderosity is used. By using our site, you acknowledge that you have read and understood our Terms of Service, including our Cookie Policy and our Privacy Policy.